Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[ GLSA 200906-05 ] Wireshark: Multiple vulnerabilities
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index News & Announcements
View previous topic :: View next topic  
Author Message
GLSA
Veteran
Veteran


Joined: 12 May 2004
Posts: 1612

PostPosted: Tue Jun 30, 2009 1:26 pm    Post subject: [ GLSA 200906-05 ] Wireshark: Multiple vulnerabilities Reply with quote

Gentoo Linux Security Advisory

Title: Wireshark: Multiple vulnerabilities (GLSA 200906-05)
Severity: high
Exploitable: remote
Date: June 30, 2009
Bug(s): #242996, #248425, #258013, #264571, #271062
ID: 200906-05

Synopsis

Multiple vulnerabilities have been discovered in Wireshark which allow for Denial of Service or remote code execution.

Background

Wireshark is a versatile network protocol analyzer.

Affected Packages

Package: net-analyzer/wireshark
Vulnerable: < 1.0.8
Unaffected: >= 1.0.8
Architectures: All supported architectures


Description

Multiple vulnerabilities have been discovered in Wireshark:
  • David Maciejak discovered a vulnerability in packet-usb.c in the USB dissector via a malformed USB Request Block (URB) (CVE-2008-4680).
  • Florent Drouin and David Maciejak reported an unspecified vulnerability in the Bluetooth RFCOMM dissector (CVE-2008-4681).
  • A malformed Tamos CommView capture file (aka .ncf file) with an "unknown/unexpected packet type" triggers a failed assertion in wtap.c (CVE-2008-4682).
  • An unchecked packet length parameter in the dissect_btacl() function in packet-bthci_acl.c in the Bluetooth ACL dissector causes an erroneous tvb_memcpy() call (CVE-2008-4683).
  • A vulnerability where packet-frame does not properly handle exceptions thrown by post dissectors caused by a certain series of packets (CVE-2008-4684).
  • Mike Davies reported a use-after-free vulnerability in the dissect_q931_cause_ie() function in packet-q931.c in the Q.931 dissector via certain packets that trigger an exception (CVE-2008-4685).
  • The Security Vulnerability Research Team of Bkis reported that the SMTP dissector could consume excessive amounts of CPU and memory (CVE-2008-5285).
  • The vendor reported that the WLCCP dissector could go into an infinite loop (CVE-2008-6472).
  • babi discovered a buffer overflow in wiretap/netscreen.c via a malformed NetScreen snoop file (CVE-2009-0599).
  • A specially crafted Tektronix K12 text capture file can cause an application crash (CVE-2009-0600).
  • A format string vulnerability via format string specifiers in the HOME environment variable (CVE-2009-0601).
  • THCX Labs reported a format string vulnerability in the PROFINET/DCP (PN-DCP) dissector via a PN-DCP packet with format string specifiers in the station name (CVE-2009-1210).
  • An unspecified vulnerability with unknown impact and attack vectors (CVE-2009-1266).
  • Marty Adkins and Chris Maynard discovered a parsing error in the dissector for the Check Point High-Availability Protocol (CPHAP) (CVE-2009-1268).
  • Magnus Homann discovered a parsing error when loading a Tektronix .rf5 file (CVE-2009-1269).
  • The vendor reported that the PCNFSD dissector could crash (CVE-2009-1829).


Impact

A remote attacker could exploit these vulnerabilities by sending specially crafted packets on a network being monitored by Wireshark or by enticing a user to read a malformed packet trace file which can trigger a Denial of Service (application crash or excessive CPU and memory usage) and possibly allow for the execution of arbitrary code with the privileges of the user running Wireshark.

Workaround

There is no known workaround at this time.

Resolution

All Wireshark users should upgrade to the latest version:
Code:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-analyzer/wireshark-1.0.8"


References

CVE-2008-4680
CVE-2008-4681
CVE-2008-4682
CVE-2008-4683
CVE-2008-4684
CVE-2008-4685
CVE-2008-5285
CVE-2008-6472
CVE-2009-0599
CVE-2009-0600
CVE-2009-0601
CVE-2009-1210
CVE-2009-1266
CVE-2009-1268
CVE-2009-1269
CVE-2009-1829


Last edited by GLSA on Wed Jul 01, 2009 4:18 am; edited 1 time in total
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index News & Announcements All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum